/**
* 验证当前登录的Subject
*
* @see 经测试:本例中该方法的调用时机为LoginController.login()方法中执行Subject.login()时
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0)
throws AuthenticationException {
UsernamePasswordToken token = (UsernamePasswordToken) arg0;
try {
LoginUser luser = loginUserService.getUserByLoginName(token.getUsername(), token.getHost());
if (luser == null) throw new AuthenticationException("无效的用户");
// 用luser中的loginAccount与password和token中的数据做比较
AuthenticationInfo authcInfo =
new SimpleAuthenticationInfo(
luser.getLoginAccount(), luser.getLoginPassword(), this.getName());
return authcInfo;
} catch (Exception e) {
e.printStackTrace();
throw new AuthenticationException(e.getMessage());
}
}
